From 4c5bce1b65689f9c3ea7944413d334a5fc2e3013 Mon Sep 17 00:00:00 2001
From: Andrew Block <andy.block@gmail.com>
Date: Mon, 22 Sep 2025 03:30:15 -0500
Subject: [PATCH] feat(container): added non-privileged image user (#336)

Signed-off-by: Andrew Block <andy.block@gmail.com>
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index 795baf6..bb8d7e4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,6 +8,7 @@ RUN make build
 FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
 WORKDIR /app
 COPY --from=builder /app/kubernetes-mcp-server /app/kubernetes-mcp-server
+USER 65532:65532
 ENTRYPOINT ["/app/kubernetes-mcp-server", "--port", "8080"]
 
 EXPOSE 8080